Re: [idn] IDN spoofing

• Previous message: Erik van der Poel: "Re: [idn] IDN spoofing"
• Maybe in reply to: Erik van der Poel: "Re: [idn] IDN spoofing"
• Next in thread: Erik van der Poel: "Re: [idn] IDN spoofing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

Hans Aberg <haberg at math dot su dot se> wrote:

>> That isn't the point. It doesn't matter if the mapping takes place
>> at the character-encoding level or at some other level. The problem
>> of determining which pairs of characters are confusable and should be
>> folded together, and which pairs aren't and shouldn't, still remains
>> to be solved.
>
> If one does the way, no characters or character sequences are actually
> folded together, but one defines a semantics which tells which
> character sequences should have the same semantics.

Well, whatever. You know what I mean: "which pairs of characters should
be treated the same for IDN purposes."

>> And for something like IDNs, once you have decided on a mapping, you
>> can never, ever change it. Otherwise you will have a domain name
>> available for registration by customer A today, but a similar one not
>> available to customer B six months later (or vice versa, A can't get
>> it but B can). Either way, you have a lawsuit.
>
> Sure you can change it: One can make the equivalence classes smaller,
> whenever one wants. For example, upper and lower case letters are now
> considered equivalent. One takes that equivalence away, names must be
> used as registered with respect to casing. If one introduces new
> equivalence classes, then one must run through all registered names,
> and require that names that are merged onto each other are changed.
> But if one is sufficiently conservative when defining these
> equivalences, that should not happen too often. For example, if now
> Latin "o" and Greek "omicron" are viewed inequivalent but are declared
> equivalent, then, if more than one user has used the name "foo" in
> various combinations of the letter, then all but one must change
> registration name.

You make it sound so easy. Try explaining to a company that has
advertised its Web address all over television, radio, newspapers,
magazines, billboards, and business cards that they now have to change
their address because someone changed the IDN rules.

-Doug Ewell
 Fullerton, California
 http://users.adelphia.net/~dewell/

• Next message: William Tan: "Re: [idn] IDN spoofing"
• Previous message: Erik van der Poel: "Re: [idn] IDN spoofing"
• Maybe in reply to: Erik van der Poel: "Re: [idn] IDN spoofing"
• Next in thread: Erik van der Poel: "Re: [idn] IDN spoofing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2.1.5 : Mon Feb 21 2005 - 13:16:30 CST